Senior Security Engineer​ Czech Republic or Remote

Responsibilities

• Conduct security analysis on Java libraries and SAP projects to identify vulnerabilities or unsafe code patterns
• Develop, test, and maintain custom CodeQL queries to improve SAST coverage and effectiveness
• Manage and update existing CodeQL queries to align with project needs and security standards
• Perform in-depth false-positive/false-negative analyses to refine SAST accuracy and reduce deviations in CodeQL results

Requirements

• Experience with SAST tools (preferably GitHub CodeQL) and a solid understanding of SAST workflows
• Basic proficiency in Java and ability to read and interpret code across various programming languages
• Experience with GitHub Actions and GitHub Advanced Security (GHAS) is a plus
• Knowledge in Python, JavaScript, and C# is an advantage
• Strong attention to detail and problem-solving skills for precise query writing and code analysis

Nice to have

• Experience with rule or query writing for SAST tools
• Background in secure coding practices and code review

We offer

• Opportunity to work in a fast-paced, agile, software engineering culture
• Comfortable modern office in Prague 7, with support of hybrid or fully remote mode
• Benefit program (5 weeks of vacation, paid sick days, paid days off for special occasions, meal vouchers, flexi pass, Prague city public transport annual coupon, multisport cards, optional contribution to pension fund, health insurance for family member)
• EPAM Employee Stock Purchase Plan (ESPP) (subject to certain eligibility requirements)
• English language courses
• Czech language courses upon request
• Referral bonuses for recommended candidates
• Mobile Phone Tariff’s program for managerial-level candidates
• Great learning and development opportunities, including in-house professional training, career advisory and coaching, sponsored professional certifications, well-being programs, LinkedIn Learning Solutions and much more